sandbox: Only mount new procfs instance for PID ns

If we don't have a PID namespace, we're not allowed to mount a new
procfs instance and subsequently get an error (EPERM).

To cope with this, we're now bind-mounting /proc just like the other
pseudo file systems IFF we're not using the CLONE_NEWPID flag.

Signed-off-by: aszlig <aszlig@nix.build>

0 files changed, 0 insertions, 0 deletions